Gary McKinnon will likely be sent to the United States to stand trial for various computer crimes

A British hacker accused of breaking into secured government
computers and causing
more than $700,000 in computer damages lost an extradition appeal in the
U.K. Last May, McKinnon was indicted in northern Virginia and New Jersey,
at the same time a British judge decided that the hacker should be extradited
to face charges. This time, two leading British judges rejected the
challenge -- McKinnon now wants his case to be heard in the House of Lords,
England's highest appeals court.

McKinnon
compromised around 100 computer systems, some of which were operated by the
Pentagon and NASA. The alleged intrusions took place from February
2001 to March 2002, leading to McKinnon's arrest in 2002. He was caught
because some of the software he used in the attacks was later traced back to an
e-mail address his girlfriend used.

McKinnon admitted that he made the intrusions, along with saying the damage was
unintentional and he was looking for evidence of UFOs. The U.S. government has
spent a considerable amount of time reassuring U.K. prosecutors that McKinnon
would be given a fair trial once in U.S. jurisdiction.

If convicted, the man who carried out "the biggest military hack of all
time" could face up to 70 years in prison along with fines up to $1.7
million.

Comments

Threshold

Username

Password

remember me

This article is over a month old, voting and posting comments is disabled

In my opinion, even 2-3 years is too much for this. Really, if he could hack into a military system, the military should be THANKING him for pointing out holes in their security, but then again, the military NEVER likes people to point out their shortcomings at all!

We need to be ENCOURAGING people to try to hack into systems that are made to DOD specs that are NOT actually DOD computers, or not connected to the DOD computers that have secret information on them.

That way, the military will have the best of the best hackers trying to get into the system, and when someone does it, they can get the information on how they did it from them and pay them!

This is a very popular myth, but its very very rarely true. The problem here is that no agency can trust such an individual since they have already proven they are willing to break laws. How do you ever give a person like that the keys to a secure network without putting that same network at risk? Having worked for security companies before I can say with certainty that 'black hats' are basically never hired by any security company that is reputable, and governments typically would rather just imprison them than hire them.

Its not like there is a shortage of security experts who choose not to abuse thier skills.

1) Your not breaking the law when your doing security work for the NSA. You have executive authority to do what you are doing.

2) You are the least likely to get into those agencies with any sort of criminal record(even if you were never caught or convicted). Whats more important than supposed skill is the ability of the agent themselves to be trusted by the agency. Black Hats are not trustworthy ever.

Black Hats do not know any 'secret techniques' that other security researchers are unaware of, they simply do not have the morals that White Hats and legitimate researchers have to disclose thier findings without exploiting them. Since there is a fairly large pool of legitimate security researchers and practictioners, there is really no reason to hire criminals. Why hire potential security risks when there are plenty of non-security risks who will do the same job?

Because talents like this guy has are VERY few and far between. For the past 9 years I've worked as a computer programmer (like many others on here) and I've been working with/around/on computers since I could comprehend language but I'm no where near the knowledge level of hacking NASA or much less any reputable company for that matter. Sure, if I devoted my life to it, I'd pick some of it up pretty fast but I don't have the time nor the desire to learn those techniques.

There are good programmers and then there are OMGWTF!!11 this-is-ingenious, programmers.

This guy did nothing special. Like most so-called 'hackers' he simply exploited known problems in commercial operating systems. NASA is not inherantly more secure than any Fortune 500 corporation, they use the same OS's with the same security programs. Like every other network connected system, the security is only as good as the administrator.

I guarantee you that ANY reputable security outfit could have exposed the same flaws he did. The holes are typically already documented, the real flaw is that such agencies have so many internet facing machines, as a result some are bound to have an unpatched flaw.

Good point, and one the President has to answer considering how executive authority has been abused. But thats not really relevant to whether or not an authorized NSA agent is breaking the law, if the President and his deputies tell him to do something, breaking the law would be refusing. If Congress dosen't like it, they will change the policy that allowed whatever it was and the president will have to abide by it. But the NSA employees themselves are NOT breaking the law even when they seem to be ignoring it.

While I do believe that 70 years is excessive for a non-violent crime (and I'm not going to speculate on what I think is a good time), it is worth noting that his time would most likely be served at a federal minimum security prison, aka "Camp Cupcake".If maximum penalties were 1-3years, how many more individuals would be willing to take the risk. The whole point of long potential sentences is that judges can make a determination to the accused's remorse, past history, and potential future wrongdoings. By far, not a perfect system, but it has evolved this way for 220 years.